Skip to content

A Pwn2Own 2024 SpiderMonkey JIT Bug: From Integer Range Inconsistency to Bound Check Elimination then RCE

Notifications You must be signed in to change notification settings

bjrjk/CVE-2024-29943

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CVE-2024-29943

A Pwn2Own SpiderMonkey JIT Bug: From Integer Range Inconsistency to Bound Check Elimination then RCE.

This repository contains PoC, Exploit and Analysis Slides for CVE-2024-29943.

Demo

Demo.mp4

Slides

Slides.pdf

Reproduce Information

Acknowledgement

References

  1. https://hg.mozilla.org/mozilla-central/rev/45d29e78c0d8f9501e198a512610a519e0605458
  2. https://github.com/mozilla/gecko-dev/commit/81806e7ccec7dde41e37c9891592a6e39ce46380
  3. https://doar-e.github.io/blog/2018/11/19/introduction-to-spidermonkey-exploitation/
  4. https://starlabs.sg/blog/2020/04-tianfu-cup-2019-adobe-reader-exploitation/

About

A Pwn2Own 2024 SpiderMonkey JIT Bug: From Integer Range Inconsistency to Bound Check Elimination then RCE

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published